Job Summary
Serve as a GRC Specialist with deep experience in cloud native security risk and compliance to strengthen enterprise controls and protect critical data assets in a hybrid work setting. Apply expertise in GCP native security vulnerability and compliance management vendor risk oversight and ServiceNow GRC to embed governance into daily operations while enabling secure innovation for global stakeholders.
Responsibilities
- Should have information security background 3 - 5 years.
- Capable of understanding and assessing gaps based on frameworks such as NIST CIS etc.
- Able to support during EST/PST hours for collaboration.
- Should be comfortable drafting presentations and co-ordinate with key stakeholders.
- Willing to learn and deliver on the job
Scope and Key Deliverables
Deployment 1 CJ 2.1 Existing Applications
1. Check the Survey questionnaire.
2. Gap Assessment for v2.1 controls.
3. Pre-population of control questionnaire with answers from Survey Questionnaire.
4. Send pre-populated control questionnaire to SMs for re-certification.
5. Identify Gaps & Remediation.
6. Raise Exception or Submit evidence for remediation to close the gap.
7. Pending CJ 2.0 tasks.
8. Get approvals for exceptions in progress.
9. Track status of controls for approved exceptions.
Deployment 2 CJ 2.1 New applications
1. Document the process for onboarding new applications into CJ 2.1.
2. Revalidation of existing CJ data and Tier.
3. Identification of new CJ data and Tier.
4. CJ Applicability Assessment.
5. Perform CJ applicability assessment for each application.
6. Identify new applications from New Entities for onboarding into CJ 2.1.
7. Identify new applications from existing entities for onboarding into CJ 2.1.
8. Get inventory of Applications to be scoped for CJ 2.1.
Deployment 3 CJ 2.1 Metrics & Dashboards
1. Produce data for generating the Reports Metrics & Dashboards.
Qualifications
- Demonstrate seven to nine years of specialized experience in governance risk and compliance functions with significant exposure to enterprise scale technology environments.
- Apply strong hands on expertise in GCP native security capabilities such as identity management logging configuration assessment and data protection to secure cloud workloads.
- Use solid background in vulnerability management tools practices and coordination to ensure timely identification prioritization and remediation of technical weaknesses.
- Bring proven experience in compliance management by interpreting regulatory frameworks and industry standards and translating them into practical control activities for technology teams.
- Show practical knowledge of vendor risk management by evaluating third party security controls contracts and attestations to protect information shared with external partners.
- Utilize experience with ServiceNow GRC configuration workflows and reporting to build structured governance processes that reduce manual effort and improve traceability.
- Apply incident management experience in assessing security and compliance events coordinating with responders documenting actions and supporting continuous improvement initiatives.
Over Cognizant
Cognizant (NASDAQ: CTSH) is een bouwer van AI-oplossingen en een leverancier van technologiediensten. Wij slaan de brug tussen AI-investeringen en ondernemingswaarde door het bouwen van full-stack AI-oplossingen voor onze klanten. Onze diepgaande kennis van sectoren, processen en engineering stelt ons in staat om de unieke context van een organisatie te verankeren in technologische systemen. Deze systemen versterken het menselijk potentieel, realiseren tastbare resultaten en geven wereldwijde ondernemingen een voorsprong in een snel veranderende wereld. Ontdek hoe op cognizant.ai of @cognizant.
Aanvullende arbeidsinformatie
De informatie over de beloning is correct op de datum van deze vacature. Cognizant behoudt zich het recht voor om deze informatie op elk moment te wijzigen, met inachtneming van de toepasselijke wetgeving.
Van sollicitanten kan worden verwacht dat zij gesprekken bijwonen, persoonlijk of via een videogesprek. Daarnaast kan van kandidaten worden gevraagd om tijdens elk gesprek een geldig, door de overheid uitgegeven identiteitsbewijs (zoals een identiteitskaart of paspoort) te tonen.
Cognizant is een werkgever die gelijke kansen biedt. Je sollicitatie en kandidatuur worden niet beoordeeld op basis van ras, huidskleur, geslacht, religie, levensovertuiging, seksuele geaardheid, genderidentiteit, nationale afkomst, handicap, genetische informatie, zwangerschap, veteranenstatus of enige andere eigenschap die wordt beschermd door federale, regionale of lokale wetgeving.
